Re: [OpenCA-Devel] MD5 collisions on X509 certs

Ives Steglich Fri, 25 Mar 2005 06:56:50 -0800

Tiller, Robert wrote:
>        
> 
> I’ve submitted a bug id for the MD5/X509 cert collision reported by
> Lenstra, Wang and Weger.
> 
> The PDF files is attached to the bug report.
> 
> Using SHA instead of MD5 avoids the collision. 
> 
> Recommend we only use SHA to sign certs.
> 
> any comments?
>
we can'T just not support md5, since the standard requires we support
it... what the user does, is the users choice,


and sha1 is the defaul ;)

so i don't see 'a problem' in this right now...
since the policies are made by the users - we just provide
some default options - and those are 'safe'

greetings
dalini


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
_______________________________________________
OpenCA-Devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-devel

Re: [OpenCA-Devel] MD5 collisions on X509 certs

Reply via email to